<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>MJ Immobilien Admin</title>
</head>

<body>

<?php
$id = isset($_GET["id"]) ? (int)$_GET["id"] : 0;
$eid = isset($_POST["eid"]) ? (int)$_POST["eid"] : 0;
$show = isset($_GET["show"]) ? $_GET["show"] : "";

include ("../connect.php");

class UploadedFiles extends ArrayObject
{
	public function current() {
		return $this->_normalize(parent::current());
	}

	public function offsetGet($offset) {
		return $this->_normalize(parent::offsetGet($offset));
	}

	protected function _normalize($entry) {
		if(isset($entry['name']) && is_array($entry['name'])) {
			$files = array();
			foreach($entry['name'] as $k => $name) {
				$files[$k] = array(
				    'name' => $name,
				    'tmp_name' => $entry['tmp_name'][$k],
				    'size' => $entry['size'][$k],
				    'type' => $entry['type'][$k],
				    'error' => $entry['error'][$k]
				);
			}
			return new self($files);
		}
		return $entry;
	}
}

function showObject($id){
	$sql = 'SELECT *
        	FROM objects
        	WHERE id="'.$id.'"';
	$result = mysql_query($sql);
	$row = mysql_fetch_array($result);

	if(isset($_GET["imagecount"])) {
		uploadFiles($_GET["imagecount"]);
	}

	echo ('<form action="." method="post">');
	echo ('<table align="center" border="1">');
	echo ("
		<tr>
			<td valign=\"top\">Title:</td>
			<td><textarea name=\"title\" cols=\"100\" rows=\"10\">".$row["title"]."</textarea></td>
		</tr>
		<tr>
			<td valign=\"top\">Text:</td>
			<td><textarea name=\"text\" cols=\"100\" rows=\"10\">".$row["text"]."</textarea></td>
		</tr>
		<tr>
			<td valign=\"top\">Typ:</td>
			<td>
				<select name=\"type\" size=\"1\">
      					<option>Wohnung</option>

      					<option>Haus</option>
    				</select>
				<input type=\"text\" value=\"\" name=\"typenew\">
			</td>

		</tr>
		<tr>
			<td valign=\"top\">Paytype:</td>
			<td>
				<select name=\"paytype\" size=\"1\">

      					<option>Mieten</option>
      					<option>Kaufen</option>
    				</select>
				<input type=\"text\" value=\"\" name=\"paytypenew\">

			</td>
		</tr>
		<tr>
			<td><input type=\"hidden\" name=\"eid\" value=\"".$row["id"]."\"></td>
			<td><input type=\"submit\" value=\"Edit\">   <input type=\"reset\" value=\"Cancel\"></td>
		</tr>");
	echo ("</table>");
	echo ('</form>');

	echo ('<div align="center"><form method="get">');
	echo ('<input type="submit" value="upload"> <input type="hidden" name="id" value="'.$id.'"><input type="text" size="2" name="imagecount" value="10"> files for the object');
	echo ('</form></div>');
}

function addObject(){

	if(isset($_POST["title"])) {
		$sql = 'INSERT INTO objects
				(title, text, type, paytype)
				VALUES
				("'.$_POST["title"].'", "'.$_POST["text"].'", "'.$_POST["type"].'", "'.$_POST["paytype"].'")';
		$result = mysql_query($sql);
		return;
	}


	echo ('<form action="?show=addObject" method="post">');
	echo ('<table align="center" border="1">');
	echo ("
		<tr>
			<td valign=\"top\">Title:</td>
			<td><textarea name=\"title\" cols=\"100\" rows=\"10\"></textarea></td>
		</tr>
		<tr>
			<td valign=\"top\">Text:</td>
			<td><textarea name=\"text\" cols=\"100\" rows=\"10\"></textarea></td>
		</tr>
		<tr>
			<td valign=\"top\">Typ:</td>
			<td>
				<select name=\"type\" size=\"1\">
      					<option>Wohnung</option>
      					<option>Haus</option>
    				</select>
				<input type=\"text\" value=\"\" name=\"typenew\">
			</td>
		</tr>
		<tr>
			<td valign=\"top\">Paytype:</td>
			<td>
				<select name=\"paytype\" size=\"1\">
      					<option>Mieten</option>
      					<option>Kaufen</option>
    				</select>
				<input type=\"text\" value=\"\" name=\"paytypenew\">
			</td>
		</tr>
		<tr>
			<td></td>
			<td><input type=\"submit\" value=\"Add\">   <input type=\"reset\" value=\"Cancel\"></td>
		</tr>");
	echo ("</table>");
	echo ('</form>');
}

function uploadFiles($count){

	if(!empty($_FILES['binimages'])) {

		$files = new UploadedFiles($_FILES);

		foreach($files['binimages'] AS $file) {
			if (empty($file['name']))
				continue;

			$fp      = fopen($file['tmp_name'], 'r');
			$content = fread($fp, filesize($file['tmp_name']));
			$content = addslashes($content);
			fclose($fp);

			$query = "INSERT INTO upload (name, objectid, size, type, content ) ".
					 "VALUES ('".$file['name']."', '".$_GET["id"]."', '".$file['name']."', '".$file['type']."', '$content')";

			mysql_query($query) or die(mysql_error());
		}
	}

	echo ('<form enctype="multipart/form-data" action="?show=uploadFiles&id='.$_GET["id"].'" method="post">');
	echo ('<table align="center" border="1">');

	for ($i=0; $i<$count; $i++) {
		echo ("<tr>
				<td>Image $i:</td>
				<td><input type=\"file\" name=\"binimages[]\"></td>
			</tr>");
	}

	echo ("<tr>
			<td></td>
			<td><input type=\"submit\" value=\"Upload\">   <input type=\"reset\" value=\"Cancel\"></td>
		</tr>");
	echo ("</table>");
	echo ('</form>');
}

function editObject($id){

	$sql = 'UPDATE objects
			SET title = "'.$_POST["title"].'",
				text = "'.$_POST["text"].'",
				type = "'.$_POST["type"].'",
				paytype = "'.$_POST["paytype"].'"
        	WHERE id="'.$id.'"';
	$result = mysql_query($sql);
}
?>
<div align="center">
	<form action="?show=findObject" method="get">
		<a href="?show=addObject">Add</a>
		<a href="?show=showAll">All</a>
		<input name="find"><input type="submit" value="Find">
	</form>
</div>
<div>
<?php

if($show == "addObject") {
	addObject();
}

if($show == "uploadFiles") {
	uploadFiles($_GET["imagecount"]);
}

if($eid) {
	editObject($eid);
}

if($id) {
	showObject($id);
}

$sql = 'SELECT *
        FROM objects';

if (isset($_GET["find"])) {
	$sql .= "
		WHERE title LIKE '%".$_GET["find"]."%'
		OR    text LIKE '%".$_GET["find"]."%'";
}

$result = mysql_query($sql);
echo mysql_error();

echo ('<table align="center">');
while ($row = mysql_fetch_array($result))
	echo ("
		<tr>
			<td><a href=?id=".$row["id"].">".$row["title"]."</td>
		</tr>");
echo ("</table>");
?>
</div>

</body>
</html>
